Basic PKA support.

7 files changed, 57 insertions, 1 deletions

diff --git a/NEWS b/NEWS
index 0aa38c3d..670166fc 100644
--- a/NEWS
+++ b/NEWS
@@ -19,11 +19,19 @@ Noteworthy changes in version 1.1.1 (unreleased)
    compatibility is provided.  In other words: If free() worked for
    you before, it will keep working.
 
+ * New status codes GPGME_PKA_TRUST_GOOD and GPGME_PKA_TRUST_BAD.
+   They are analyzed by the verify handlers and made available in the
+   new PKA_TRUST field of the signature result structure.
+
+
  * Interface changes relative to the 1.1.0 release:
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 gpgme_key_sig_t			EXTENDED: New field notations.
 GPGME_KEYLIST_MODE_SIG_NOTATIONS NEW
 gpgme_free			NEW
+GPGME_STATUS_PKA_TRUST_BAD      NEW
+GPGME_STATUS_PKA_TRUST_GOOD     NEW
+gpgme_signature_t               EXTENDED: New field pka_trust.
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
diff --git a/doc/ChangeLog b/doc/ChangeLog
index 4d5239fd..394ca8f7 100644
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -1,3 +1,7 @@
+2005-12-20  Werner Koch  <[email protected]>
+
+	* gpgme.texi (Verify): Document pka_trust.
+
 2005-12-06  Werner Koch  <[email protected]>
 
 	* gpgme.texi (Key Management): Updated to match the fixes for
diff --git a/doc/gpgme.texi b/doc/gpgme.texi
index 351f1dc7..1fc4849c 100644
--- a/doc/gpgme.texi
+++ b/doc/gpgme.texi
@@ -3985,6 +3985,22 @@ not expire.
 @item unsigned int wrong_key_usage : 1
 This is true if the key was not used according to its policy.
 
+@item unsigned int pka_trust : 2
+This is set to the trust information gained by means of the PKA system.
+Values are:
+  @table @code
+  @item 0
+        No PKA information available or verification not possible.
+  @item 1
+        PKA verification failed. 
+  @item 2
+        PKA verification succeeded.
+  @item 3
+        Reserved for future use.
+  @end table
+Depending on the configuration of the engine, this metric may also be
+reflected by the validity of the signature.
+
 @item gpgme_validity_t validity
 The validity of the signature.
 
diff --git a/gpgme/ChangeLog b/gpgme/ChangeLog
index 3e4308a0..3f6e99c9 100644
--- a/gpgme/ChangeLog
+++ b/gpgme/ChangeLog
@@ -1,3 +1,10 @@
+2005-12-20  Werner Koch  <[email protected]>
+
+	* gpgme.h (gpgme_status_code_t): Added GPGME_STATUS_PKA_TRUST_BAD
+	and GPGME_STATUS_PKA_TRUST_GOOD.
+	(gpgme_signature_t): New field pka_trust.
+	* verify.c (_gpgme_verify_status_handler): Set pka_trust.
+
 2005-12-06  Werner Koch  <[email protected]>
 
 	* keylist.c (keylist_colon_handler): Store fingerprints of the
diff --git a/gpgme/gpgme.h b/gpgme/gpgme.h
index 1fafd164..4fb41549 100644
--- a/gpgme/gpgme.h
+++ b/gpgme/gpgme.h
@@ -445,6 +445,8 @@ typedef enum
     GPGME_STATUS_SC_OP_SUCCESS,
     GPGME_STATUS_CARDCTRL,
     GPGME_STATUS_BACKUP_KEY_CREATED,
+    GPGME_STATUS_PKA_TRUST_BAD,
+    GPGME_STATUS_PKA_TRUST_GOOD,
 
     GPGME_STATUS_PLAINTEXT
   }
@@ -1318,8 +1320,11 @@ struct _gpgme_signature
   /* Key should not have been used for signing.  */
   unsigned int wrong_key_usage : 1;
 
+  /* PKA status: 0 = not available, 1 = bad, 2 = okay, 3 = RFU. */
+  unsigned int pka_trust : 2;
+
   /* Internal to GPGME, do not use.  */
-  int _unused : 31;
+  int _unused : 29;
 
   gpgme_validity_t validity;
   gpgme_error_t validity_reason;
diff --git a/gpgme/verify.c b/gpgme/verify.c
index bfce4c89..7792f353 100644
--- a/gpgme/verify.c
+++ b/gpgme/verify.c
@@ -651,6 +651,15 @@ _gpgme_verify_status_handler (void *priv, gpgme_status_code_t code, char *args)
       return sig ? parse_trust (sig, code, args)
 	: gpg_error (GPG_ERR_INV_ENGINE);
 
+    case GPGME_STATUS_PKA_TRUST_BAD:
+    case GPGME_STATUS_PKA_TRUST_GOOD:
+      opd->only_newsig_seen = 0;
+      if (sig && !sig->pka_trust)
+        sig->pka_trust = code == GPGME_STATUS_PKA_TRUST_GOOD? 2 : 1;
+      /* FIXME: We should set the mailbox which is the argument to
+         these status codes into a new field. */
+      break;
+
     case GPGME_STATUS_ERROR:
       opd->only_newsig_seen = 0;
       /* The error status is informational, so we don't return an
diff --git a/tests/gpgsm/t-keylist.c b/tests/gpgsm/t-keylist.c
index cd01aff3..79a61eaf 100644
--- a/tests/gpgsm/t-keylist.c
+++ b/tests/gpgsm/t-keylist.c
@@ -345,6 +345,13 @@ main (int argc, char **argv)
 		   key->uids->next->uid);
 	  exit (1);
 	}
+      if (key->uids->next && strcmp (key->uids->next->uid, keys[i].email))
+	{
+	  fprintf (stderr, "Unexpected email in user ID: %s\n",
+		   key->uids->next->uid);
+	  exit (1);
+	}
+
 
 
       gpgme_key_unref (key);